X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=libraries%2Flibldap%2Finit.c;h=c6b68759823304508494be73f768def571f82827;hb=b0b8546f054f31b1a080defede171f833d20b124;hp=03fee191de20c21244f775bea2e579ae8ebfb1e8;hpb=77b235fba53850c4d498284fb886357c857e92b9;p=openldap diff --git a/libraries/libldap/init.c b/libraries/libldap/init.c index 03fee191de..c6b6875982 100644 --- a/libraries/libldap/init.c +++ b/libraries/libldap/init.c @@ -1,6 +1,6 @@ /* $OpenLDAP$ */ /* - * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved. + * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved. * COPYING RESTRICTIONS APPLY, see COPYRIGHT file */ #include "portable.h" @@ -26,8 +26,10 @@ struct ldapoptions ldap_int_global_options = #define ATTR_INT 2 #define ATTR_KV 3 #define ATTR_STRING 4 -#define ATTR_TLS 5 -#define ATTR_URIS 6 +#define ATTR_OPTION 5 + +#define ATTR_SASL 6 +#define ATTR_TLS 7 struct ol_keyvalue { const char * key; @@ -59,26 +61,35 @@ static const struct ol_attribute { offsetof(struct ldapoptions, ldo_defbinddn)}, {0, ATTR_STRING, "BASE", NULL, offsetof(struct ldapoptions, ldo_defbase)}, - {0, ATTR_INT, "PORT", NULL, + {0, ATTR_INT, "PORT", NULL, /* deprecated */ offsetof(struct ldapoptions, ldo_defport)}, - /* **** keep this around for backward compatibility */ - {0, ATTR_URIS, "HOST", NULL, 1}, - /* **** */ - {0, ATTR_URIS, "URI", NULL, 0}, + {0, ATTR_OPTION, "HOST", NULL, LDAP_OPT_HOST_NAME}, /* deprecated */ + {0, ATTR_OPTION, "URI", NULL, LDAP_OPT_URI}, /* replaces HOST/PORT */ {0, ATTR_BOOL, "REFERRALS", NULL, LDAP_BOOL_REFERRALS}, {0, ATTR_BOOL, "RESTART", NULL, LDAP_BOOL_RESTART}, + +#ifdef HAVE_CYRUS_SASL + {1, ATTR_STRING, "SASL_MECH", NULL, + offsetof(struct ldapoptions, ldo_def_sasl_mech)}, + {1, ATTR_STRING, "SASL_REALM", NULL, + offsetof(struct ldapoptions, ldo_def_sasl_realm)}, + {1, ATTR_STRING, "SASL_AUTHCID", NULL, + offsetof(struct ldapoptions, ldo_def_sasl_authcid)}, + {1, ATTR_STRING, "SASL_AUTHZID", NULL, + offsetof(struct ldapoptions, ldo_def_sasl_authzid)}, + {0, ATTR_SASL, "SASL_SECPROPS", NULL, LDAP_OPT_X_SASL_SECPROPS}, +#endif + +#ifdef HAVE_TLS {0, ATTR_TLS, "TLS", NULL, LDAP_OPT_X_TLS}, - {0, ATTR_TLS, "TLS_CERT", NULL, LDAP_OPT_X_TLS_CERTFILE}, - {0, ATTR_TLS, "TLS_KEY", NULL, LDAP_OPT_X_TLS_KEYFILE}, + {1, ATTR_TLS, "TLS_CERT", NULL, LDAP_OPT_X_TLS_CERTFILE}, + {1, ATTR_TLS, "TLS_KEY", NULL, LDAP_OPT_X_TLS_KEYFILE}, {0, ATTR_TLS, "TLS_CACERT", NULL, LDAP_OPT_X_TLS_CACERTFILE}, {0, ATTR_TLS, "TLS_CACERTDIR",NULL, LDAP_OPT_X_TLS_CACERTDIR}, {0, ATTR_TLS, "TLS_REQCERT", NULL, LDAP_OPT_X_TLS_REQUIRE_CERT}, -#ifdef HAVE_CYRUS_SASL - {0, ATTR_INT, "SASL_MINSSF", NULL, - offsetof(struct ldapoptions, ldo_sasl_minssf)}, - {0, ATTR_INT, "SASL_MAXSSF", NULL, - offsetof(struct ldapoptions, ldo_sasl_maxssf)}, + {0, ATTR_TLS, "TLS_RANDFILE", NULL, LDAP_OPT_X_TLS_RANDOM_FILE}, #endif + {0, ATTR_NONE, NULL, NULL, 0} }; @@ -104,7 +115,12 @@ static void openldap_ldap_init_w_conf( return; } +#ifdef NEW_LOGGING + LDAP_LOG (( "init", LDAP_LEVEL_DETAIL1, + "openldap_init_w_conf: trying %s\n", file )); +#else Debug(LDAP_DEBUG_TRACE, "ldap_init: trying %s\n", file, 0, 0); +#endif fp = fopen(file, "r"); if(fp == NULL) { @@ -112,7 +128,12 @@ static void openldap_ldap_init_w_conf( return; } +#ifdef NEW_LOGGING + LDAP_LOG (( "init", LDAP_LEVEL_DETAIL1, + "openldap_init_w_conf: using %s\n", file )); +#else Debug(LDAP_DEBUG_TRACE, "ldap_init: using %s\n", file, 0, 0); +#endif while((start = fgets(linebuf, sizeof(linebuf), fp)) != NULL) { /* skip lines starting with '#' */ @@ -200,19 +221,21 @@ static void openldap_ldap_init_w_conf( if (* (char**) p != NULL) LDAP_FREE(* (char**) p); * (char**) p = LDAP_STRDUP(opt); break; + case ATTR_OPTION: + ldap_set_option( NULL, attrs[i].offset, opt ); + break; + case ATTR_SASL: +#ifdef HAVE_CYRUS_SASL + ldap_int_sasl_config( gopts, attrs[i].offset, opt ); +#endif + break; case ATTR_TLS: #ifdef HAVE_TLS - ldap_pvt_tls_config( gopts, attrs[i].offset, opt ); + ldap_int_tls_config( NULL, attrs[i].offset, opt ); #endif break; - case ATTR_URIS: - if (attrs[i].offset == 0) { - ldap_set_option( NULL, LDAP_OPT_URI, opt ); - } else { - ldap_set_option( NULL, LDAP_OPT_HOST_NAME, opt ); - } - break; } + break; } } @@ -238,23 +261,33 @@ static void openldap_ldap_init_w_userconf(const char *file) home = getenv("HOME"); if (home != NULL) { +#ifdef NEW_LOGGING + LDAP_LOG (( "init", LDAP_LEVEL_ARGS, + "openldap_init_w_userconf: HOME env is %s\n", home )); +#else Debug(LDAP_DEBUG_TRACE, "ldap_init: HOME env is %s\n", home, 0, 0); +#endif path = LDAP_MALLOC(strlen(home) + strlen(file) + 3); } else { +#ifdef NEW_LOGGING + LDAP_LOG (( "init", LDAP_LEVEL_ARGS, + "openldap_init_w_userconf: HOME env is NULL\n" )); +#else Debug(LDAP_DEBUG_TRACE, "ldap_init: HOME env is NULL\n", 0, 0, 0); +#endif } if(home != NULL && path != NULL) { /* we assume UNIX path syntax is used... */ /* try ~/file */ - sprintf(path, "%s/%s", home, file); + sprintf(path, "%s%s%s", home, LDAP_DIRSEP, file); openldap_ldap_init_w_conf(path, 1); /* try ~/.file */ - sprintf(path, "%s/.%s", home, file); + sprintf(path, "%s%s.%s", home, LDAP_DIRSEP, file); openldap_ldap_init_w_conf(path, 1); } @@ -334,22 +367,48 @@ static void openldap_ldap_init_w_env( * (char**) p = LDAP_STRDUP(value); } break; + case ATTR_OPTION: + ldap_set_option( NULL, attrs[i].offset, value ); + break; + case ATTR_SASL: +#ifdef HAVE_CYRUS_SASL + ldap_int_sasl_config( gopts, attrs[i].offset, value ); +#endif + break; case ATTR_TLS: #ifdef HAVE_TLS - ldap_pvt_tls_config( gopts, attrs[i].offset, value ); + ldap_int_tls_config( NULL, attrs[i].offset, value ); #endif break; - case ATTR_URIS: - if (attrs[i].offset == 0) { - ldap_set_option( NULL, LDAP_OPT_URI, value ); - } else { - ldap_set_option( NULL, LDAP_OPT_HOST_NAME, value ); - } - break; } } } +#if defined(__GNUC__) +/* Declare this function as a destructor so that it will automatically be + * invoked either at program exit (if libldap is a static library) or + * at unload time (if libldap is a dynamic library). + * + * Sorry, don't know how to handle this for non-GCC environments. + */ +static void ldap_int_destroy_global_options(void) + __attribute__ ((destructor)); +#endif + +static void +ldap_int_destroy_global_options(void) +{ + struct ldapoptions *gopts = LDAP_INT_GLOBAL_OPT(); + + if ( gopts->ldo_defludp ) { + ldap_free_urllist( gopts->ldo_defludp ); + gopts->ldo_defludp = NULL; + } +#if defined(HAVE_WINSOCK) || defined(HAVE_WINSOCK2) + WSACleanup( ); +#endif +} + /* * Initialize the global options structure with default values. */ @@ -368,47 +427,102 @@ void ldap_int_initialize_global_options( struct ldapoptions *gopts, int *dbglvl gopts->ldo_tm_api = (struct timeval *)NULL; gopts->ldo_tm_net = (struct timeval *)NULL; - /* ldo_defludp is leaked, we should have an at_exit() handler - * to free this and whatever else needs to cleaned up. + /* ldo_defludp will be freed by the termination handler */ ldap_url_parselist(&gopts->ldo_defludp, "ldap://localhost/"); gopts->ldo_defport = LDAP_PORT; +#if !defined(__GNUC__) && !defined(PIC) + /* Do this only for a static library, and only if we can't + * arrange for it to be executed as a library destructor + */ + atexit(ldap_int_destroy_global_options); +#endif gopts->ldo_refhoplimit = LDAP_DEFAULT_REFHOPLIMIT; - gopts->ldo_rebindproc = NULL; + gopts->ldo_rebind_proc = NULL; + gopts->ldo_rebind_params = NULL; LDAP_BOOL_ZERO(gopts); LDAP_BOOL_SET(gopts, LDAP_BOOL_REFERRALS); -#ifdef HAVE_TLS - gopts->ldo_tls_ctx = NULL; +#ifdef LDAP_CONNECTIONLESS + gopts->ldo_peer = NULL; + gopts->ldo_cldapdn = NULL; + gopts->ldo_is_udp = 0; #endif + #ifdef HAVE_CYRUS_SASL - gopts->ldo_sasl_minssf = 0; - gopts->ldo_sasl_maxssf = INT_MAX; + gopts->ldo_def_sasl_mech = NULL; + gopts->ldo_def_sasl_realm = NULL; + gopts->ldo_def_sasl_authcid = NULL; + gopts->ldo_def_sasl_authzid = NULL; + + memset( &gopts->ldo_sasl_secprops, + '\0', sizeof(gopts->ldo_sasl_secprops) ); + + gopts->ldo_sasl_secprops.max_ssf = INT_MAX; + gopts->ldo_sasl_secprops.maxbufsize = SASL_MAX_BUFF_SIZE; + gopts->ldo_sasl_secprops.security_flags = + SASL_SEC_NOPLAINTEXT | SASL_SEC_NOANONYMOUS; #endif gopts->ldo_valid = LDAP_INITIALIZED; - return; } +#if defined(LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND) \ + || defined(HAVE_TLS) || defined(HAVE_CYRUS_SASL) +char * ldap_int_hostname = NULL; +#endif + void ldap_int_initialize( struct ldapoptions *gopts, int *dbglvl ) { if ( gopts->ldo_valid == LDAP_INITIALIZED ) { return; } - ldap_int_utils_init(); + ldap_int_error_init(); -#ifdef HAVE_TLS - ldap_pvt_tls_init(); +#ifdef HAVE_WINSOCK2 +{ WORD wVersionRequested; + WSADATA wsaData; + + wVersionRequested = MAKEWORD( 2, 0 ); + if ( WSAStartup( wVersionRequested, &wsaData ) != 0 ) { + /* Tell the user that we couldn't find a usable */ + /* WinSock DLL. */ + return; + } + + /* Confirm that the WinSock DLL supports 2.0.*/ + /* Note that if the DLL supports versions greater */ + /* than 2.0 in addition to 2.0, it will still return */ + /* 2.0 in wVersion since that is the version we */ + /* requested. */ + + if ( LOBYTE( wsaData.wVersion ) != 2 || + HIBYTE( wsaData.wVersion ) != 0 ) + { + /* Tell the user that we couldn't find a usable */ + /* WinSock DLL. */ + WSACleanup( ); + return; + } +} /* The WinSock DLL is acceptable. Proceed. */ +#elif HAVE_WINSOCK +{ WSADATA wsaData; + if ( WSAStartup( 0x0101, &wsaData ) != 0 ) { + return; + } +} #endif -#ifdef HAVE_CYRUS_SASL - ldap_pvt_sasl_init(); +#if defined(LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND) \ + || defined(HAVE_TLS) || defined(HAVE_CYRUS_SASL) + ldap_int_hostname = ldap_pvt_get_fqdn( ldap_int_hostname ); #endif + ldap_int_utils_init(); if ( ldap_int_tblsize == 0 ) ldap_int_ip_init(); @@ -419,6 +533,20 @@ void ldap_int_initialize( struct ldapoptions *gopts, int *dbglvl ) return; } +#ifdef HAVE_CYRUS_SASL + { + /* set authentication identity to current user name */ + char *user = getenv("USER"); + + if( user == NULL ) user = getenv("USERNAME"); + if( user == NULL ) user = getenv("LOGNAME"); + + if( user != NULL ) { + gopts->ldo_def_sasl_authcid = user; + } + } +#endif + openldap_ldap_init_w_sysconf(LDAP_CONF_FILE); openldap_ldap_init_w_userconf(LDAP_USERRC_FILE); @@ -426,27 +554,53 @@ void ldap_int_initialize( struct ldapoptions *gopts, int *dbglvl ) char *altfile = getenv(LDAP_ENV_PREFIX "CONF"); if( altfile != NULL ) { +#ifdef NEW_LOGGING + LDAP_LOG (( "init", LDAP_LEVEL_DETAIL1, + "openldap_init_w_userconf: %sCONF env is %s\n", + LDAP_ENV_PREFIX, altfile )); +#else Debug(LDAP_DEBUG_TRACE, "ldap_init: %s env is %s\n", LDAP_ENV_PREFIX "CONF", altfile, 0); +#endif openldap_ldap_init_w_sysconf( altfile ); } else +#ifdef NEW_LOGGING + LDAP_LOG (( "init", LDAP_LEVEL_DETAIL1, + "openldap_init_w_userconf: %sCONF env is NULL\n", + LDAP_ENV_PREFIX )); +#else Debug(LDAP_DEBUG_TRACE, "ldap_init: %s env is NULL\n", LDAP_ENV_PREFIX "CONF", 0, 0); +#endif } { char *altfile = getenv(LDAP_ENV_PREFIX "RC"); if( altfile != NULL ) { +#ifdef NEW_LOGGING + LDAP_LOG (( "init", LDAP_LEVEL_DETAIL1, + "openldap_init_w_userconf: %sRC env is %s\n", + LDAP_ENV_PREFIX, altfile )); +#else Debug(LDAP_DEBUG_TRACE, "ldap_init: %s env is %s\n", LDAP_ENV_PREFIX "RC", altfile, 0); +#endif openldap_ldap_init_w_userconf( altfile ); } else +#ifdef NEW_LOGGING + LDAP_LOG (( "init", LDAP_LEVEL_DETAIL1, + "openldap_init_w_userconf: %sRC env is NULL\n", + LDAP_ENV_PREFIX )); +#else Debug(LDAP_DEBUG_TRACE, "ldap_init: %s env is NULL\n", LDAP_ENV_PREFIX "RC", 0, 0); +#endif } openldap_ldap_init_w_env(gopts, NULL); + + ldap_int_sasl_init(); }